Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Recent vulnerabilities and exploits

NA
CVE-2021-4202
Re: CVE-2021-4204: Linux Kernel eBPF Improper Input Validation Vulnerability...
NA
CVE-2021-38785
There is a NULL pointer deference in the Allwinner R818 SoC Android Q SDK V1.0 camera driver /dev/cedar_dev that could use the ioctl cmd IOCTL_GET_IOMMU_ADDR to cause a system crash....
NA
CVE-2021-38784
There is a NULL pointer dereference in the syscall open_exec function of Allwinner R818 SoC Android Q SDK V1.0 that could executable a malicious file to cause a system crash....
NA
CVE-2021-22566
An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable pages being mapped as executable from an unprivileged context. This can be leveraged by an attacker to bypass executability restrictions of kernel-mode pages from user-mode. An...
NA
CVE-2021-38694
SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection....
6.4
CVSSv2
CVE-2019-10744
Affected versions of this package are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload....
Lodash LodashNetapp Service Level Manager -Redhat Virtualization Manager 4.3Oracle Banking Extensibility Workbench 14.3.0Oracle Banking Extensibility Workbench 14.4.0F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Security ManagerF5 Big-ip Application Visibility And ReportingF5 Big-ip Domain Name SystemF5 Big-ip Edge GatewayF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Local Traffic ManagerF5 Big-ip Policy Enforcement ManagerF5 Big-ip WebacceleratorF5 Big-iq Centralized Management 5.4.0F5 Big-iq Centralized ManagementF5 Big-iq Centralized Management 7.0.0F5 Iworkflow 2.3.0
5.8
CVSSv2
CVE-2020-8203
Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20....
Lodash LodashOracle Banking Corporate Lending Process Management 14.2.0Oracle Banking Corporate Lending Process Management 14.3.0Oracle Banking Corporate Lending Process Management 14.5.0Oracle Banking Credit Facilities Process Management 14.2.0Oracle Banking Credit Facilities Process Management 14.3.0Oracle Banking Credit Facilities Process Management 14.5.0Oracle Banking Extensibility Workbench 14.2.0Oracle Banking Extensibility Workbench 14.3.0Oracle Banking Extensibility Workbench 14.5.0Oracle Banking Liquidity Management 14.2.0Oracle Banking Liquidity Management 14.3.0Oracle Banking Liquidity Management 14.5.0Oracle Banking Supply Chain Finance 14.2.0Oracle Banking Supply Chain Finance 14.3.0Oracle Banking Supply Chain Finance 14.5.0Oracle Banking Trade Finance Process Management 14.2.0Oracle Banking Trade Finance Process Management 14.3.0Oracle Banking Trade Finance Process Management 14.5.0Oracle Banking Virtual Account Management 14.2.0Oracle Banking Virtual Account Management 14.3.0Oracle Banking Virtual Account Management 14.5.0Oracle Communications Billing And Revenue Management 7.5.0.23.0Oracle Communications Billing And Revenue Management 12.0.0.3.0Oracle Communications Cloud Native Core Policy 1.11.0Oracle Communications Session Border Controller 8.4Oracle Communications Session Border Controller 9.0Oracle Communications Session Border Controller Cz8.4Oracle Communications Session Router Cz8.4Oracle Communications Subscriber-aware Load Balancer Cz8.3Oracle Communications Subscriber-aware Load Balancer Cz8.4Oracle Enterprise Communications Broker 3.2.0Oracle Enterprise Communications Broker 3.3.0Oracle Enterprise Communications Broker Pcz3.3Oracle Jd Edwards Enterpriseone ToolsOracle Primavera Gateway
4
CVSSv2
CVE-2019-1010266
lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The...
Lodash Lodash
7.5
CVSSv2
CVE-2018-16487
A prototype pollution vulnerability was found in lodash <4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype....
Lodash Lodash
5
CVSSv2
CVE-2019-10742
Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is exceeded....
Axios Axios
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-43893CVE-2021-44828denial of serviceXML injectionCVE-2021-44739XML external entityCVE-2022-20658CVE-2021-44743CVE-2022-23303
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook